초록

According to a Gartner study (Gartner, 11/2010), Android is now the No. 2 worldwide mobileoperating system and will challenge Symbian for No.1 position by 2014. In addition to Android’s largemarket share, the number of Android applications is growing at a fast rate. There are currently more than100,000 Android applications available (Techeye, 26/11/2010). With the increasing numbers of applicationsavailable for Android; spyware is becoming a real concern. Several malicious applications, ranging fromfake banking applications to an SMS Trojan embedded into a fake media player, have already beendiscovered on the Android Market since the beginning of this year. However, there are other forms ofmalware that may also emerge. What about hiding spyware in the background of a well-known application?For example, imagine an application claiming to be the latest version of a famous Twitter client, whichactually runs spyware in the background and uploads all private data to the attacker. The purpose of thispaper will be to explore a study of static analysis on Android and provide real case malware attackscenarios. Reverse engineering will be used, because most users do not check the permissions of theapplications loaded onto their mobile device.